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Appl. No. 09/738,807 

Amdt dated 09/20/2004 

Reply to Office Action of 05/19/2004 

REMARKS 

This Amendment is in response to the Office Action mailed 05/19/2004. In the Office 
Action, the Examiner rejected claims 1-5 and 1 1-46 under 35 U.S.C. § 102, and rejected claims 
6-10 under 35 U.S.C. § 103. No claims are amended. Reconsideration in light of the remarks 
made herein is respectfully requested. 

Rejection Under 35 US. C.§102 

2. The Examiner rejects claims 1-5, 11-15, 16-21, 22-31, 32-41, and 42-46 under 35 U.S.C. 
§ 102(e) as being anticipated by Arrow et al. (6,175,917). 

Per claim 1, the Examiner asserts that Arrow discloses the management traffic is sent 
over the VPN (virtual private network) itself, citing Figure 1, Figure 1 shows a VPN 
Management Station 160 connected to a Public Network 100 and a plurality of VPN Units, such 
as VPN Unit 115, connected to the Public Network 100. Figure 1 of Arrow merely shows that 
the VPN Management Station 160 is connected to the Public Network 100. This does not show 
that the VPN Management Station 1 60 sends management traffic over the VPN. Applicant is 
unable to find anything in Arrow to support the inference that management traffic is sent over the 
VPN. To the contrary Arrow discloses that, "VPN management station 160 controls VPN units 
115, 125 and 135 through commands and configuration information transmitted to the respective 
VPN unit through public network 100." Col. 6, lines 31-34. Thus Arrow does not disclose each 
and every element of the claim. 

Per claim 2, the Examiner asserts that Arrow discloses the management traffic using 
secure in-band management due to the use of at least the encryption of column 7. Applicant 
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respectfully disagrees. Nothing in column 7 discloses that the VPN Management Station 160 is a 
member of any VPN nor that management traffic is encrypted or sent over a VPN. 

Per claim 3, the Examiner asserts that Arrow discloses a one or more management port 
414 is linked with the VPN for management thereof. Applicant respectfully disagrees. Figure 4 
shows a network communication port 414 connected to the public network 100. Applicant 
submits that nothing in Arrow discloses that the network communication port 414 is a 
management port as claimed. 

Per claim 4, the Examiner asserts that Arrow discloses a management function (i.e. 
Figures 5 and 6) internal to 1 15 is linked with the VPN via the schematic of Figure 4. Applicant 
respectfully disagrees. Figure 4 shows a network communication port 414 connected to the 
public network 100. Applicant submits that nothing in Arrow discloses that the management 
function internal to the network device is linked with the VPN as claimed. 

Per claim 5, applicant relies on the patentability of the claims from which this claim 
depends to traverse the rejection without prejudice to any further basis for patentability of this 
claim based on the additional elements recited. 

Per claim 11, the Examiner asserts that the method steps are met by configuring VPN unit 
1 15 to support a VPN via section 160 and linking a management device 160 and its function with 
the VPN. Applicant respectfully disagrees. Applicant is unable to find anything in Arrow to 
support the inference that a management device and its function are linked with the VPN. As 
disclosed in column 9, the management device 160 of Arrow may be used to boot load the VPN 
unit 115 and to configure the unit. One skilled in the art would reasonably infer that the VPN 
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Management Station 1 60 does not send management traffic over the VPN because the 
Management Station provides commands for establishing a virtual private network that operates 
over a public network. If the VPN Management Station 160 is used to establish a virtual private 
network, the VPN Management Station cannot communicate with the VPN Units to establish the 
VPN using the VPN that is not yet established. 

Per claim 12, the Examiner asserts that Arrow discloses the management traffic is carried 
over the VPN itself. As discussed above in connection with claim 1 1, the management device 
would be unable to communicate with VPN units to establish a VPN before the VPN is 
established. 

Per claim 13, the Examiner asserts that Arrow discloses the network device 1 1 5 is 
managed using the VPN carried management traffic. Applicant respectfully submits that the 
network communication port 4 14 is not a management port as claimed. As discussed above in 
connection with claim 1 1 , the network device could not be managed using VPN earned 
management traffic before the VPN is established. 

Per claim 14, applicant relies on the patentability of the claims from which this claim 
depends to traverse the rejection without prejudice to any further basis for patentability of this 
claim based on the additional elements recited. 

Per claim 15, applicant relies on the patentability of the claims from which this claim 
depends to traverse the rejection without prejudice to any further basis for patentability of this 
claim based on the additional elements recited. 
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Per claim 16, the Examiner asserts that the VPN unit 1 15 is configured to support a VPN 
with a link that links a management function with the VPN via port 414. Applicant respectfully 
disagrees. Applicant is unable to find anything in Arrow to support the inference that a 
management function is linked with the VPN unit using the VPN. As discussed above in 
connection with claim 11, the management function would be unable to communicate with VPN 
units to establish a VPN before the VPN is established. 

Per claim 17, the Examiner asserts that Arrow discloses the routing and forwarding 
module delivers management traffic on the VPN for the network device 115. Applicant 
respectfully submits that the network communication port 414 is not a management port as 
claimed. As discussed above in connection with claim 11, the management traffic would be 
unable to establish a VPN on the network device before the VPN is established. 

Per claim 1 8, as discussed above in connection with claim 11, the network device could 
not be managed using VPN carried management traffic before the VPN is established. 

Per claim 19, applicant relies on the patentability of the claims from which this claim 
depends to traverse the rejection without prejudice to any further basis for patentability of this 
claim based on the additional elements recited. 

Per claim 20, applicant relies on the patentability of the claims from which this claim 
depends to traverse the rejection without prejudice to any further basis for patentability of this 
claim based on the additional elements recited. 



Docket No: 81862.P178 Page 15 of 22 JAH/phs 

PAGE 21/28 ' RCVD AT 9/20/2004 6:11:27 PM [Eastern Daylight Time] * SVR:USPTO-EFXRF-1/7 * DNIS: 8729306- CSID: 7145573347" DURATION (mm-ss): 10-06 



09/20/3004 MON 14:16 FAX 7145573347 BST2 CM ( g)022 

Appl. No. 09/738,807 

Amdt. dated 09/20/2004 

Reply to Office Action of 05/19/2004 

Per claim 21, applicant relies on the patentability of the claims from which this claim 
depends to traverse the rejection without prejudice to any further basis for patentability of this 
claim based on the additional elements recited. 

Per claim 22, the Examiner asserts that the "means+function" are met by the means for 
receiving management traffic over the VPN, at for example, 414 and that the means for 
managing the network device using the management traffic received over the VPN is met by 
Figures 4-6. Applicant respectfully disagrees. Applicant is unable to find anything in Arrow to 
support the inference that a management function is linked with the VPN unit using the VPN. 
As discussed above in connection with claim 1 1, the management function would be unable to 
communicate with VPN units to establish a VPN before the VPN is established. 

Per claim 23, the Examiner asserts that Arrow discloses the means for managing the 
network device using a secure in-band management configuration as the encryption disclosed in 
column 7. Applicant respectfully disagrees. Nothing in column 7 discloses that the VPN 
Management Station 160 is a member of any VPN nor that management traffic is encrypted or 
sent over a VPN. 

Per claim 24, applicant relies on the patentability of the claims from which this claim 
depends to traverse the rejection without prejudice to any further basis for patentability of this 
claim based on the additional elements recited. 

Per claim 25, applicant relies on the patentability of the claims from which this claim 
depends to traverse the rejection without prejudice to any further basis for patentability of this 
claim based on the additional elements recited. 
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Per claim 26, applicant relies on the patentability of the claims from which this claim 
depends to traverse the rejection without prejudice to any further basis for patentability of this 
claim based on the additional elements recited. 

Per claim 27, the Examiner asserts that the "means+function" claims parallel claims 11- 
15 and that the claimed elements are met by configuring VPN unit 1 15 by station 160 to support 
a VPN, with means linking the management device 160 and its functionality to the VPN via port 
908. Applicant respectfully disagrees. Applicant is unable to find anything in Arrow to support 
the inference that a management device and its function are linked with the VPN. As discussed 
above in connection with claim 1 1, the management device would be unable to communicate 
with VPN units to establish a VPN before the VPN is established. 

Per claim 28, the Examiner asserts that Arrow discloses means for carrying management 
traffic for the network device using the VPN. As discussed above in connection with claim 11, 
the management device would be unable to communicate with VPN units to establish a VPN 
before the VPN is established. 

Per claim 29, the Examiner asserts that Arrow discloses means for managing the network 
device using the management traffic carried on the VPN. As discussed above in connection with 
claim 1 1, the network device could not be managed to establish a VPN using VPN carried 
management traffic before the VPN is established. 

Per claim 30, applicant relies on the patentability of the claims from which this claim 
depends to traverse the rejection without prejudice to any further basis for patentability of this 
claim based on the additional elements recited. 
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Per claim 31, applicant relies on the patentability of the claims from which this claim 
depends to traverse the rejection without prejudice to any further basis for patentability of this 
claim based on the additional elements recited. 

Per claims 32-41, claims are made to a machine-readable medium to carry out the method 
as claimed in claims 1-5 and 11-15. The rejections of claims 32-41 are traversed on the same 
basis as the traversal of claims 1-5 and 1 1-15 set forth above. 

Per claim 42, the Examiner asserts that Arrow discloses the management traffic is sent 
over the VPN (virtual private network) itself, citing Figure 1 . Applicant respectfully disagrees. 
Figure 1 shows a VPN Management Station 160 connected to a Public Network 100 and a 
plurality of VPN Units, such as VPN Unit 1 15, connected to the Public Network 100. Applicant 
is unable to find anything in Arrow to support the inference that management traffic is sent over 
the VPN. A VPN operates over a public network. Col. 3, lines 3-4. Figure 1 of Arrow merely 
shows that the VPN Management Station 160 is connected to the Public Network 100. This does 
not show that the VPN Management Station 160 sends management traffic over the VPN. To 
the contrary Arrow discloses that, "VPN management station 160 controls VPN units 115, 125 
and 135 through commands and configuration information transmitted to the respective VPN 
unit through public network 100." Col. 6, lines 31-34. One skilled in the art would reasonably 
infer that the VPN Management Station 160 does not send management traffic over the VPN 
because the Management Station provides commands for establishing a virtual private network 
that operates over a public network. If the VPN Management Station 160 is used to establish a 
virtual private network, the VPN Management Station cannot communicate with the VPN Units 
to establish the VPN using the VPN that is not yet established. 
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Per claim 43, the Examiner asserts that Arrow discloses the management traffic using 
secure in-band management due to the use of at least the encryption of column 7. Applicant 
respectfully disagrees. Nothing in column 7 discloses that the VPN Management Station 160 is a 
member of any VPN nor that management traffic is encrypted or sent over a VPN. 

Per claim 44, the Examiner asserts that Arrow discloses a one or more management port 
414 is linked with the VPN for management thereof. Applicant respectfully disagrees. Figure 4 
shows a network communication port 414 connected to the public network 100. Applicant 
submits that nothing in Arrow discloses that the network communication port 414 is a 
management port as claimed. 

Per claim 45, applicant relies on the patentability of the claims from which this claim 
depends to traverse the rejection without prejudice to any further basis for patentability of this 
claim based on the additional elements recited. 

Per claim 46, applicant relies on the patentability of the claims from which this claim 
depends to traverse the rejection without prejudice to any further basis for patentability of this 
claim based on the additional elements recited. 

Applicant respectfully requests that the Examiner withdraw the rejection of claims 1-5, 
1 1-15, 16-21, 22-31, 32-41, and 42-46 under 35 U.S.C § 102(e) as being anticipated by Arrow. 

Rejection Under 35 U.S.C. §103 

5. The Examiner rejects claims 6-10 under 35 U.S.C. § 103(a) as being unpatentable over 
Arrow et al. (6,175,917) in view of applicant's admitted prior art (APA). 
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The Examiner asserts that Arrow sets forth a substantial portion of the claimed subject 
matter via the anticipation analysis such as applied to claims 1-5. The Examiner refers to Figure 
4 of applicant's specification which shows a prior art router that includes a plurality of VPN 
input/output links at 422A-C. The Examiner asserts that it would have been obvious to one 
having ordinary skill in the art at the time the invention was made to modify a VPN unit 115 per 
the teachings of the APA Figure 4 so that it is possible to facilitate private communications on 
the particular router or the same modules on other routers. 

Applicant respectfully disagrees that there is any suggestion or motivation, either in the 
references themselves or in the knowledge generally available to one of ordinary skill in the art, 
to modify the reference or to combine reference teachings in the way suggested by the Examiner. 
Arrow teaches a system that provides a virtual private network operating over a public data 
network. There is no motivation to combine the teachings of APA with Arrow because the 
combination would not provide anything not already provided by the teachings of Arrow. 

Second, applicant submits that there is no reasonable expectation of success in the 
proposed combination. Arrow teaches a system for loading an operating system in a VPN unit 
connected to a public network thrxmgh commands and configuration information transmitted 
through the public network. Col. 6, lines 31-34. The proposed combination would transmit 
commands and configuration information over a VPN. However those commands and 
configuration information include information required to operate the VPN unit. Col. 9, lines 
33-46. If the VPN unit receives management traffic from the VPN, that traffic can hardly be 
used to provide information required to operate the VPN unit. 



Docket No: 8 1 862.P178 Page 20 of 22 JAH/phs 

PAGE 25/28 * RCVD AT 9/20/2004 6:1 1:27 PM [Eastern Daylight Time] " SVR:USPTO-EFXRF-1/7 * DNIS:8729308 * CSID:7145573347 * DURATION (mm-ss): 10-06 



1)9/20/2004 MON 14:18 FAX 7145573347 BSTZ CM @027. 

Appl. No. 09/738,807 

Amdt dated 09/20/2004 

Reply to Office Action of 05/19/2004 

Finally, the prior art references when combined do not teach or suggest all the claim 
limitations. Neither Arrow nor APA, singly or in combination, teach or suggest a routing and 
forwarding module to receive management traffic over the VPN. Arrow instead teaches away 
from receiving management traffic over the VPN because the Management Station provides 
commands for establishing a virtual private network that operates over a public network. If the 
VPN Management Station 160 is used to establish a virtual private network, the VPN Units 115 
cannot receive management traffic over the VPN to establish the VPN using the VPN that is not 
yet established. 

Further, neither Arrow nor APA, singly or in combination, teach or suggest a 
management module to receive the management traffic over the VPN. Arrow does not show a 
management module. APA shows a management module 410 connected to receive management 
traffic over the non-secure data links such as the core data links 420. Specificatiorvpage 4. The 
internal management connection 411 between the management module 410 and the generic 
routing and forwarding module 412 shown in APA is in great contrast to the inventive internal 
management VPN link 711 between the management module 610 and the management VPN 
module 655 shown in Figure 7. The external management VPN links 624 of Figure 6 are 
likewise distinct from the disclosure of APA. 

The rejections of claims 7-10 are further traversed on the same basis as claims 2-5 
discussed above. 

Applicant respectfully requests that the Examiner withdraw the rejection of claims 6-10 
under 35 U.S.C. § 103(a) as being unpatentable over Arrow in view of APA. 
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Conclusion 



Applicant respectfully requests that a timely Notice of Allowance be issued in this case. 

Respectfully submitted, 

BLAKELY, SO£OLOFF, TAYLOR & ZAFMAN LLP 

Dated: 09/20/2004 




£ 41,064 

Tel.r(714) 557-3800 (Pacific Coast) 
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